As a Security Researcher, you will:
- Analyze mobile applications
- Perform in-depth technical research on Android and iOS application architectures
- Identify forensic artifacts from mobile apps
- Analyze both static and runtime behaviors of mobile applications
- Develop scripts and tooling to automate process
If you have:
- Strong knowledge of operating system internals
- At least 2 years of experience with advance static and dynamic analysis tools (e.g., Ghidra and Jadx)
- Strong ability to analyze and follow application logic in decompiled code (Java/Objective-C)
- Basic understanding of ARM64 assembly
- Solid understanding of Android and iOS application architecture
- Familiarity with app sandboxing, file system layouts, common data storage locations such as SQLite databases/shared Preferences/Plist/Secure storage (Keychain/Keystore/Secure Enclave)
- Experience or familiarity with Frida or mobile debuggers
- Ability to trace function calls and intercept data at runtime
- Strong software development skills in Python
- Basic understanding of cryptographic concepts (Android Keystore/iOS Keychain)
- Understating of common encryption patterns (symmetric & asymmetric)
- Ability to recognize encryption usage within application logic
- Ability to write efficient parsers and custom data-extraction logic
It would be great if you also have:
- Familiarity with mobile malware analysis or mobile forensics tools
- Experience in analyzing obfuscated code (ProGuard, R8 and custom obfuscation)
- Experience handling binary or semi-structured data
- Background in security research or digital forensics